Unified Endpoint Management: Why Microsoft and Apple Are Adopting It
For IT departments that might be more accustomed to an older approach to device provisioning, a move to UEM might be a bit of a change (like MDM once was), but in many ways it reflects the current environment.
It also reflects a shift in technology mindset among some of the major operating system vendors in the desktop ecosystem, away from imaging in favor of a certificate-based approach. This style of device provisioning, which first emerged with mobile devices, has moved to the desktop thanks in part to Apple, which uses a UEM-like approach with its Apple Business Manager program.
Apple tends to view its devices as consumer products that have a business use case, rather than the other way around. This means that the device must meet the needs of the end user while adhering to broader parameters set by IT through provisioning certificates.
In its Platform Deployment Guide for Mac, Apple specifically discourages companies from manually deploying firmware updates.
“Like the iPhone and iPad, Mac computers often rely on firmware updates specific to their model. Similarly, Mac operating system updates require that these firmware updates installed directly from Apple,” the company notes. “The most reliable strategy is to use the macOS Installer or MDM commands to perform the update.”
DIVE DEEPER: Learn about emerging themes as hybrid work continues to evolve.
For PCs, meanwhile, Microsoft’s Windows Autopilot takes a similar approach to distributing laptops with specific provisioning needs, including limiting admin access, using tools like Microsoft Cortana, and enforcing privacy settings. specific. As TechTarget notes, the goal with this type of technology is to allow a small number of presets to manage the end result for users.
And if your IT department relies on Google Chromebooks for deployment, they also support enrollment policies that can make it easier to deploy them if needed.
Going Beyond Imaging: The Case for Zero Touch Deployment
You might be wondering if this is easier or harder than the old imaging strategy. In some ways, there is still work to be done here, as you still need to define device provisioning rules, and building effective rule sets takes time.
You can also feel like you’re losing control by not planning exactly how the final images will appear on each system. On the other hand, there can still be a lot of long-term benefits. Perhaps, for example, you allow your Mac users to download software from the Mac App Store, allowing them to use some of their favorite life hacking apps with your company’s traditionally sanctioned tools. Perhaps your Windows users want to customize the system to their exact needs.
And then there are benefits to the mobile approach to consider. Adopting a certificate-based approach to provisioning, called zero-touch deployment, may seem like the ability to manage devices; it’s actually quite the opposite, as it allows devices to use efficient remote management without the headaches of manual imaging. Once the image is built, it is effectively hands-off, a huge benefit for remote teams.
Small businesses are always looking for ways to encourage growth without manual processes to slow things down. With that in mind, and with the help of a partner like CDW Amplified™ Configuration Services, unified endpoint management can help your organization keep pace with an increasingly mobile world.
This article is part of BizTechfrom the Agility blog series. Please join the discussion on Twitter by using the #SmallBizIT hashtag.